Privacy Policy

As a party to a contract with the Commonwealth of Australia, we are bound by the Privacy Act 1988 (Cth) (Privacy Act) and the Australian Privacy Principles (APPs). This policy outlines how and why we collect, use, hold and disclose your personal information.

“We”, “us” and “our” means Impact Investing Australia ABN 67 168 178 827.

You consent to us collecting, holding, using and disclosing your personal information in accordance with this policy. If we cannot collect, handle, use and disclose personal information about you as set out in this policy, we may not be able to provide you with products or services or with access to our website or any applications through it.

What is personal information?

In this policy, personal information has the meaning given to it in the Privacy Act, and includes information or an opinion, whether true or not, about an identified individual or an individual who is reasonably identifiable.

What personal information do we collect and hold?

We collect information about you and your interactions with us, for example, when you apply for, obtain or express an interest in applying for a grant, being listed by us on a directory or seeking other of our products or services; when you call us; when you submit information through our website or social media channels; or when you otherwise visit our website.

The information we collect from you may include your identity and contact details, your job position, your history of access to or use of information and services and details of enquiries or complaints you make.

We may also collect and process non-personal information provided to us by your browser when you visit our website or use any applications on it, for example, the website you came from, your location information, IP address, web browser and/or device type and the time and date of access.

Why do we collect, hold and use your personal information?

We collect, hold and use your personal information so that we can:

  • provide you with grants or other products and services, and manage our relationship with you;
  • contact you, for example, to respond to your queries or complaints, or if we need to tell you something important;
  • comply with our legal obligations and assist government and law enforcement agencies or regulators; or
  • identify and tell you about other products or services that we think may be of interest to you.

If you do not provide us with your personal information, we may not be able to provide you with our products or services, communicate with you or respond to your enquiries.

How do we collect your personal information?

We will collect your personal information directly from you whenever you interact with us. This may include:

  • from you directly when you provide your details to us;
  • from you indirectly through emails, forms, face-to-face meetings, interviews, business cards, online queries and telephone conversations, and through use of the services available through our website, applications and social media channels; and
  • from third parties in some instances, for example, we may use third parties to analyse traffic at our website and social media channels, which may involve the use of cookies. (A cookie is a small text file that the website may place on your device to store information. We may use persistent cookies (which remain on your computer even after you close your browser) to store information that may speed up your use of our website for any of your future visits to the website. We may also use session cookies (which no longer remain after you end your browsing session) to help manage the display and presentation of information on the website. You may refuse to use cookies by selecting the appropriate settings on your browser. However, please note that if you do this, you may not be able to use the full functionality of our website. In some circumstances, we may collect personal information about an individual from a third party, for example, a report provided by a professional or a reference from another person.

If we receive personal information by error, we will take steps to advise the third party who provided the information. We will destroy the information received, unless required by the APP or other legal obligations to do otherwise.

How do we store and hold personal information?

We store most information about you in computer systems and databases operated either by us or our external service providers. Some information about you is recorded in paper files that we store securely.

We implement and maintain processes and security measures to protect personal information which we hold from misuse, interference or loss, and from unauthorised access, modification or disclosure.

These processes and systems include:

  • the use of identity and access management technologies to control access to systems on which information is processed and stored; and
  • requiring all employees to comply with internal information security policies and keep information secure.

We will also take reasonable steps to destroy or de-identify personal information once we no longer require it for the purposes for which it was collected or for any secondary purpose permitted under the APPs.

Who do we disclose your personal information to, and why?

We may transfer or disclose your personal information to our related companies.

We may transfer or disclose your personal information to the Commonwealth Department of Social Services or other Commonwealth Government departments or agencies to allow us to fulfil our obligations under any law (including any statute or regulations) or contract with such entities. This may include research, surveys and evaluations undertaken by or on behalf of such entities.

We may disclose personal information to external service providers so that they may perform services for us or the Commonwealth Government or on our behalf or behalf of the Commonwealth Government.

We may also disclose your personal information to other persons not mentioned above where:

  • we are required or authorised by law to do so;
  • you may have expressly consented to the disclosure or the consent may be reasonably inferred from the circumstances; or
  • we are otherwise permitted to disclose the information under the Privacy Act.

If the ownership or control of all or part of our business changes, we may transfer your personal information to the new owner.

Do we disclose personal information to overseas recipients?

We may disclose your personal information to the following overseas recipients:

  • to other companies or individuals who assist us in providing services or who perform functions on our behalf (such as third-party service providers);
  • to courts, tribunals and regulatory authorities;
  • to anyone else you authorise us to disclose it; and
  • to anyone else where we are required or authorised by law to do so.

Do we use your personal information for marketing?

We will use your personal information to offer you products and services we believe may interest you, but we will not do so if you tell us not to. These products and services may be offered by us, our related companies, our other business partners or our service providers.

Where you receive electronic marketing communications from us, you may opt out of receiving further marketing communications by following the opt-out instructions provided in the communication.

Access to and correction of your personal information

You may access or request correction of the personal information that we hold about you by contacting us. Our contact details are set out below. There are some circumstances in which we are not required to give you access to your personal information.

There is no charge for requesting access to your personal information, but we may require you to meet our reasonable costs in providing you with access (such as photocopying costs or costs for time spent on collating large amounts of material).

We will respond to your requests to access or correct personal information in a reasonable time and will take all reasonable steps to ensure the personal information we hold about you remains accurate and up to date.


If you have a complaint about the way in which we have handled any privacy issue, including your request for access or correction of your personal information, you should contact us. Our contact details are set out below.

We will consider your complaint and determine whether it requires further investigation. We will notify you of the outcome of this investigation and any subsequent internal investigation.

If you remain unsatisfied with how we have handled a privacy issue, you may approach an independent advisor or contact the Office of the Australian Information Commissioner (OAIC) ( for guidance on alternative courses of action that may be available.

Contact details

If you have any questions, comments, requests or concerns, please contact us at:

Impact Investing Australia ABN 67 168 178 827, Level 20, 80 Collins Street, Melbourne, VIC 3000, Australia.


Changes to this policy

From time to time, we may change our policy on how we handle personal information or the types of personal information that we hold. Any changes to our policy will be published on our website.

You may obtain a copy of our current policy from our website or by contacting us at the contact details above.


Document titleImpact Investing Australia (IIA)
Code of Conduct
ScopeThe Code of Conduct applies to all staff, volunteers, contractors, and Board members representing IIA in any way.
Related documentsNational Principles for Child Safe Organisations Impact Investing Australia Privacy Policy
Document ownerImpact Investing Australia CEO
AuthorityThe Code of Conduct is approved by the IIA Board.
Effective dateSeptember 2022Review dateSeptember 2024
Authorised byIIA BoardDate approved15 September 2022
1Version 1August 2022